你当前正在访问 Microsoft Azure Global Edition 技术文档网站。 如果需要访问由世纪互联运营的 Microsoft Azure 中国技术文档网站，请访问 https://docs.azure.cn。

Add-AzServiceFabricManagedClusterNetworkSecurityRule

模块:

Az.ServiceFabric

将网络安全规则添加到群集资源。

语法

Add-AzServiceFabricManagedClusterNetworkSecurityRule
   [-InputObject] <PSManagedCluster>
   -Access <NetworkSecurityAccess>
   [-Description <String>]
   -DestinationAddressPrefix <String[]>
   -DestinationPortRange <String[]>
   -Direction <NetworkSecurityDirection>
   -Name <String>
   -Priority <Int32>
   -Protocol <NetworkSecurityProtocol>
   -SourceAddressPrefix <String[]>
   -SourcePortRange <String[]>
   [-AsJob]
   [-DefaultProfile <IAzureContextContainer>]
   [-WhatIf]
   [-Confirm]
   [<CommonParameters>]

Add-AzServiceFabricManagedClusterNetworkSecurityRule
   [-ResourceGroupName] <String>
   [-ClusterName] <String>
   -Access <NetworkSecurityAccess>
   [-Description <String>]
   -DestinationAddressPrefix <String[]>
   -DestinationPortRange <String[]>
   -Direction <NetworkSecurityDirection>
   -Name <String>
   -Priority <Int32>
   -Protocol <NetworkSecurityProtocol>
   -SourceAddressPrefix <String[]>
   -SourcePortRange <String[]>
   [-AsJob]
   [-DefaultProfile <IAzureContextContainer>]
   [-WhatIf]
   [-Confirm]
   [<CommonParameters>]

说明

将网络安全规则添加到群集资源。 这将添加具有指定属性的网络安全规则

示例

示例 1

$resourceGroupName = "sfmcps-test-rg"
$clusterName = "sfmcps-test-cluster"
$NSRName = "testSecRule1"
$sourcePortRanges = "1-1000"
$destinationPortRanges = "1-65535"
$destinationAddressPrefixes = "194.69.104.0/25", "194.69.119.64/26", "167.220.249.128/26", "255.255.255.255/32"
$sourceAddressPrefixes = "167.220.242.0/27", "167.220.0.0/23", "131.107.132.16/28", "167.220.81.128/26"

$cluster = Add-AzServiceFabricManagedClusterNetworkSecurityRule -ResourceGroupName $resourceGroupName -ClusterName $clusterName `
        -Name $NSRName -Access Allow -Direction Outbound -Protocol tcp -Priority 1200 -SourcePortRange $sourcePortRange -DestinationPortRange $destinationPortRanges -DestinationAddressPrefix $destinationAddressPrefixes -SourceAddressPrefix $sourceAddressPrefixes -Verbose

此命令将添加具有上述属性的网络安全规则。

示例 2

$resourceGroupName = "sfmcps-test-rg"
$clusterName = "sfmcps-test-cluster"
$NSRName = "testSecRule2"
$sourcePortRanges = "1-1000"
$destinationPortRanges = "1-65535"
$destinationAddressPrefixes = "194.69.104.0/25", "194.69.119.64/26", "167.220.249.128/26", "255.255.255.255/32"
$sourceAddressPrefixes = "167.220.242.0/27", "167.220.0.0/23", "131.107.132.16/28", "167.220.81.128/26"

$cluster = Add-AzServiceFabricManagedClusterNetworkSecurityRule -ResourceGroupName $resourceGroupName -ClusterName $clusterName `
        -Name $NSRName -Access Deny -Direction Outbound -Protocol udp -Priority 1300 -SourcePortRange $sourcePortRange -DestinationPortRange $destinationPortRanges -DestinationAddressPrefix $destinationAddressPrefixes -SourceAddressPrefix $sourceAddressPrefixes -Verbose

类似于具有不同属性的 Example1。

示例 3

$resourceGroupName = "sfmcps-test-rg"
$clusterName = "sfmcps-test-cluster"
$NSRName = "testSecRule3"
$description = "test network security rule"
$sourcePortRanges = "1-1000"
$destinationPortRanges = "1-65535"
$destinationAddressPrefixes = "194.69.104.0/25", "194.69.119.64/26", "167.220.249.128/26", "255.255.255.255/32"
$sourceAddressPrefixes = "167.220.242.0/27", "167.220.0.0/23", "131.107.132.16/28", "167.220.81.128/26"

$cluster = $clusterFromGet | Add-AzServiceFabricManagedClusterNetworkSecurityRule `
        -Name $NSRName -Access Allow -Description $description -Direction Outbound -Protocol tcp -Priority 1400 -SourcePortRange $sourcePortRanges -DestinationPortRange $destinationPortRanges -DestinationAddressPrefix $destinationAddressPrefixes -SourceAddressPrefix $sourceAddressPrefixes -Verbose

此命令将使用群集对象和管道添加网络安全规则。

参数

-Access

获取或设置允许或拒绝网络流量。 可能的值包括：允许、拒绝

类型:	NetworkSecurityAccess
接受的值:	Allow, Deny
Position:	Named
默认值:	None
必需:	True
Accept pipeline input:	False
Accept wildcard characters:	False

-AsJob

在后台运行 cmdlet 并返回作业以跟踪进度

类型:	SwitchParameter
Position:	Named
默认值:	None
必需:	False
Accept pipeline input:	False
Accept wildcard characters:	False

-ClusterName

指定群集的名称。

类型:	String
Position:	1
默认值:	None
必需:	True
Accept pipeline input:	True
Accept wildcard characters:	False

-Confirm

提示你在运行 cmdlet 之前进行确认。

类型:	SwitchParameter
Aliases:	cf
Position:	Named
默认值:	None
必需:	False
Accept pipeline input:	False
Accept wildcard characters:	False

-DefaultProfile

用于与 Azure 通信的凭据、帐户、租户和订阅。

类型:	IAzureContextContainer
Aliases:	AzContext, AzureRmContext, AzureCredential
Position:	Named
默认值:	None
必需:	False
Accept pipeline input:	False
Accept wildcard characters:	False

-Description

获取或设置网络安全规则说明

类型:	String
Position:	Named
默认值:	None
必需:	False
Accept pipeline input:	False
Accept wildcard characters:	False

-DestinationAddressPrefix

获取或设置目标地址前缀。 CIDR 或目标 IP 范围

类型:	String[]
Position:	Named
默认值:	None
必需:	True
Accept pipeline input:	False
Accept wildcard characters:	False

-DestinationPortRange

获取或设置目标端口范围

类型:	String[]
Position:	Named
默认值:	None
必需:	True
Accept pipeline input:	False
Accept wildcard characters:	False

-Direction

获取或设置网络安全规则方向。 可能的值包括：入站、出站

类型:	NetworkSecurityDirection
接受的值:	Inbound, Outbound
Position:	Named
默认值:	None
必需:	True
Accept pipeline input:	False
Accept wildcard characters:	False

-InputObject

托管群集资源

类型:	PSManagedCluster
Position:	0
默认值:	None
必需:	True
Accept pipeline input:	True
Accept wildcard characters:	False

-Name

网络安全规则名称

类型:	String
Aliases:	NetworkSecurityRuleName
Position:	Named
默认值:	None
必需:	True
Accept pipeline input:	False
Accept wildcard characters:	False

-Priority

获取或设置规则的优先级。 该值可以介于 1000 到 3000 的范围内。 此范围之外的值是为 Service Fabric ManagerCluster 资源提供程序保留的。 对于集合中的每个规则，优先级编号必须是唯一的。 优先级数字越低，规则优先级越高

类型:	Int32
Position:	Named
默认值:	None
必需:	True
Accept pipeline input:	False
Accept wildcard characters:	False

-Protocol

获取或设置此规则适用的网络协议。 可能的值包括：http、https、tcp、udp、icmp、ah、esp、any

类型:	NetworkSecurityProtocol
接受的值:	https, http, udp, tcp, esp, icmp, ah, any
Position:	Named
默认值:	None
必需:	True
Accept pipeline input:	False
Accept wildcard characters:	False

-ResourceGroupName

指定资源组的名称。

类型:	String
Position:	0
默认值:	None
必需:	True
Accept pipeline input:	True
Accept wildcard characters:	False

-SourceAddressPrefix

获取或设置 CIDR 或源 IP 范围

类型:	String[]
Position:	Named
默认值:	None
必需:	True
Accept pipeline input:	False
Accept wildcard characters:	False

-SourcePortRange

在后台运行 cmdlet 并返回作业以跟踪进度

类型:	String[]
Position:	Named
默认值:	None
必需:	True
Accept pipeline input:	False
Accept wildcard characters:	False

-WhatIf

显示运行该 cmdlet 时会发生什么情况。 cmdlet 未运行。

类型:	SwitchParameter
Aliases:	wi
Position:	Named
默认值:	None
必需:	False
Accept pipeline input:	False
Accept wildcard characters:	False

输入

String

输出

PSManagedCluster